I have a similar scenario with a PIX and 3030. The firewall rules look like

access-list outside_acl permit icmp any host 1.1.1.1

access-list outside_acl permit esp any host 1.1.1.1

access-list outside_acl permit udp any host 1.1.1.1 eq isakmp

access-list outside_acl permit udp any host 1.1.1.1 eq 4500

access-list outside_acl permit tcp any host 1.1.1.1 eq 10000

static (dmz,outside) 1.1.1.1 192.168.199.3 netmask 255.255.255.255 0 0

Rick